package com.intelligent.ispc.web.controller;

import com.intelligent.ispc.common.dto.JsonPageResponseDto;
import com.intelligent.ispc.common.dto.JsonResponseDto;
import com.intelligent.ispc.common.utils.ApplicationException;
import com.intelligent.ispc.common.utils.ExceptionMessages;
import com.intelligent.ispc.core.dto.ResourceDto;
import com.intelligent.ispc.core.dto.RoleDto;
import com.intelligent.ispc.core.service.PermissionService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;

import javax.servlet.ServletRequest;
import java.util.List;
import java.util.Map;

/**
 * Created by Peter on 15/11/24.
 */

@Controller
@RequestMapping(value = "/permission")
public class PermissionController {

    @Autowired
    public PermissionService permissionService;

    @RequestMapping(value = "",method = RequestMethod.GET)
    public String nav(Model model, ServletRequest request){
        Subject subject = SecurityUtils.getSubject();
        if(!subject.isPermitted("system:permission:view")) {
            return "error/noPermission";
        }
        Map<String,List<ResourceDto>> resourceDtos = permissionService.findAllResourcesWithCategory();
        model.addAttribute("resourceDtos",resourceDtos);
        return "permission/permissionList";
    }

    @RequestMapping(value = "/list",method = RequestMethod.GET)
    public String listPermission(Model model){
        Subject subject = SecurityUtils.getSubject();
        if(!subject.isPermitted("system:permission:view")) {
            return "error/noPermission";
        }
        List<ResourceDto> resourceDtos = permissionService.findAllResources();

        model.addAttribute("resourceDtos",resourceDtos);
        return "permission/permissionList";
    }

    @ResponseBody
    @RequestMapping(value = "ResourceCanAddRole/{id}",method = RequestMethod.POST)
    public JsonResponseDto ResourceCanAddRole(Model model,@PathVariable("id") String resourceId){
        try {
            Subject subject = SecurityUtils.getSubject();
            if(!subject.isPermitted("system:permission:view")) {
                return JsonResponseDto.FAILURE().setMessage(ExceptionMessages.EXCEPTION_NO_PERMISSION);
            }
            List<RoleDto> roleDtos = permissionService.resourceCanAddRole(resourceId);
            return JsonResponseDto.SUCCESS().setBody(roleDtos);
        } catch (ApplicationException ex) {
            return JsonResponseDto.FAILURE().setMessage(ex.getMessage());
        }
    }

    @ResponseBody
    @RequestMapping(value = "assignRole",method = RequestMethod.POST)
    public JsonResponseDto assignRole(@RequestParam("resourceId") String resourceId,@RequestParam("roleId") List<String>  roleIds){
        try {
            Subject subject = SecurityUtils.getSubject();
            if(!subject.isPermitted("system:permission:edit")) {
                return JsonResponseDto.FAILURE().setMessage(ExceptionMessages.EXCEPTION_NO_PERMISSION);
            }
            permissionService.assignRolesForPermission(resourceId, roleIds);
            return JsonResponseDto.SUCCESS();
        } catch (ApplicationException ex) {
            return JsonResponseDto.FAILURE().setMessage(ex.getMessage());
        }
    }

    @ResponseBody
    @RequestMapping(value = "clearRole",method = RequestMethod.POST)
    public JsonResponseDto clearRole (@RequestParam("permissionId") String permissionId,@RequestParam("roleId") String roleId){
        try{
            Subject subject = SecurityUtils.getSubject();
            if(!subject.isPermitted("system:permission:edit")) {
                return JsonResponseDto.FAILURE().setMessage(ExceptionMessages.EXCEPTION_NO_PERMISSION);
            }
            permissionService.deleteRoleForPermission(permissionId,roleId);
            return JsonResponseDto.SUCCESS();
        }catch (ApplicationException ex) {
            return JsonResponseDto.FAILURE().setMessage(ex.getMessage());
        }
    }

    @ResponseBody
    @RequestMapping(value = "addRoles",method = RequestMethod.POST)
    public  JsonResponseDto addRoles(@RequestParam("roleId") List<String> roleIds){
        try {
            Subject subject = SecurityUtils.getSubject();
            if(!subject.isPermitted("system:permission:view")) {
                return JsonResponseDto.FAILURE().setMessage(ExceptionMessages.EXCEPTION_NO_PERMISSION);
            }
            List<RoleDto> roles = permissionService.searchRoles(roleIds);

            return JsonResponseDto.SUCCESS().setBody(roles);
        } catch (ApplicationException ex) {
            return JsonResponseDto.FAILURE().setMessage(ex.getMessage());
        }
    }

}
